/**  
 * 
 */
package com.astrocsr.action.securitylist;

import java.util.List;

import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

import com.astrocsr.action.BaseAction;
import com.astrocsr.business.AuditLogManager;
import com.astrocsr.business.SecurityListManager;
import com.astrocsr.common.Constants;
import com.astrocsr.common.helper.ContextHelper;
import com.astrocsr.domain.model.AccessRightModel;
import com.astrocsr.domain.web.GroupInfo;
import com.astrocsr.domain.web.ModuleInfo;
import com.astrocsr.domain.web.PermissionInfo;
import com.opensymphony.xwork2.ModelDriven;

@Controller("accessRightAction")
@Scope("prototype")
public class AccessRightAction extends BaseAction implements
		ModelDriven<AccessRightModel> {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	private AccessRightModel model = new AccessRightModel(); 

	private @Autowired
	SecurityListManager securityManager;
	
	private @Autowired
	AuditLogManager auditLogManager;

	public AccessRightModel getModel() {
		// TODO Auto-generated method stub
		return model;
	}

	static final Logger log = Logger.getLogger(AccessRightAction.class);
	
	public String initAccessright() throws Exception {
		log.info("initAccessright.start");
		try {
			String currentGroupCode = ContextHelper.getCurrentRole();
			System.out.println("currentGroupCode = " + currentGroupCode);
			//List<GroupInfo> groupInfoList = securityManager.listGroupHierarchy(currentGroupCode);
			List<GroupInfo> groupInfoList = securityManager.listGroupByParentCode(currentGroupCode);
			model.setGroupInfoList(groupInfoList);

		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("initAccessright.end");
		return SUCCESS;
	}
	
	public String listModule() throws Exception {
		log.info("listModule.start");
		try {
			// get listAccessrole from bussiness layer
			List<ModuleInfo> moduleInfoList = securityManager.listModule();

			// set listAccessrole to jsp
			model.setModuleInfoList(moduleInfoList);

		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("listModule.end");
		return SUCCESS;
	}

	public String executeSearchPermission() throws Exception {
		log.info("executeSearchPermission.start");
		String selectedGroupCode = model.getSelectedGroupCode();
		try {
			if (StringUtils.isNotBlank(selectedGroupCode)) {
				// get listAccessrole from business layer
				List<PermissionInfo> permissionInfoList = securityManager.listPermission(selectedGroupCode);
	
				// set listAccessrole to jsp
				model.setPermissionInfoList(permissionInfoList);
				
				auditLogManager.addAuditlog(
						Constants.LOG_ACCT_TYPE_ACCESS,		//0
						Constants.LOG_ActCode_Group_DEL, 	//1 
						Constants.LOG_ActName_Group_DEL, 	//2
						ContextHelper.getLoginId(), 		//3
						ContextHelper.getCurrentRole(), 	//4
						"Search Permission for Group " + selectedGroupCode, //5
						request.getRemoteAddr()				//6
						);
			}

		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("executeSearchPermission.end");
		return SUCCESS;
	}

	public String executeSearchRemainModule() throws Exception {
		log.info("SearchRemainModule.start");
		String selectedGroupCode = model.getSelectedGroupCode();
		try {
			if (StringUtils.isNotBlank(selectedGroupCode)) {
				// get listAccessrole from business layer
				List<ModuleInfo> moduleInfoList = securityManager.listRemainModule(selectedGroupCode);
	
				// set to jsp
				model.setModuleInfoList(moduleInfoList);
			}

		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("SearchRemainModule.end");
		return SUCCESS;
	}
	
	public String executeAddPermission() throws Exception {
		log.info("executeAddPermission.start");
		
		String selectedGroupCode  = model.getSelectedGroupCode();
		String selectedModuleCode = model.getSelectedModuleCode();

		try {

			// Get accessrole from jsp screen
			if (StringUtils.isNotBlank(selectedGroupCode) 
					&& StringUtils.isNotBlank(selectedModuleCode)) {
				PermissionInfo permissionInfo = new PermissionInfo();
				
				permissionInfo.setGroupCode(selectedGroupCode);
				permissionInfo.setModuleCode(selectedModuleCode);
				permissionInfo.setCreatedBy(ContextHelper.getLoginId());
				securityManager.addPermission(permissionInfo);
				
				model.setSuccessMessage(getText("permission.add.success"));
				
				// insert log
				auditLogManager.addAuditlog(
						Constants.LOG_ACCT_TYPE_ACTIVITY,	//0
						Constants.LOG_ActCode_AccessRights_Add, 	//1 
						Constants.LOG_ActName_AccessRights_Add, 	//2
						ContextHelper.getLoginId(), 		//3
						ContextHelper.getCurrentRole(), 	//4
						"Add Permission for Group: " + selectedGroupCode + "; Module: " + selectedModuleCode, //5
						request.getRemoteAddr()				//6
						);

			} else {

				model.setFailMessage(getText("permission.add.fail")); 
			}

		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("executeAddPermission.end");
		return SUCCESS;
	}

	public String executeDeletePermission() throws Exception {
		log.info("executeDeletePermission.start");
		String selectedGroupCode  = model.getSelectedGroupCode();
		String selectedModuleCode = model.getSelectedModuleCode();
		try {
			if (StringUtils.isNotBlank(selectedGroupCode) 
					&& StringUtils.isNotBlank(selectedModuleCode)) {
				securityManager.deletePermission(selectedModuleCode, selectedGroupCode);

				model.setSuccessMessage(getText("permission.delete.success"));
				
				// insert log
				auditLogManager.addAuditlog(
						Constants.LOG_ACCT_TYPE_ACTIVITY,	//0
						Constants.LOG_ActCode_AccessRights_DEL, 	//1 
						Constants.LOG_ActName_AccessRights_DEL, 	//2
						ContextHelper.getLoginId(), 		//3
						ContextHelper.getCurrentRole(), 	//4
						"Delete Permission for Group: " + selectedGroupCode + "; Module: " + selectedModuleCode, //5
						request.getRemoteAddr()				//6
						);
			} else {
				model.setFailMessage(getText("permission.delete.fail")); 
			}
		} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			throw ex;
		}
		log.info("executeDeletePermission.end");
		return SUCCESS;
	}
}
